Information systems that deal in sensitive information may require high levels of security. When users of a secure information system are co-located with that system, the users may connect directly to the system in a secure environment. On the other hand, when the users are remote to secure information systems, it may be necessary to establish a secure, encrypted communications channel between the user and the information system. For example, a U.S. government employee may wish to connect to a classified information system via a laptop computer and a public access network such as a Wi-Fi hotspot. Establishing such a connection may require a high level of security between the computer and the information system to protect the classified data as it traverses the non-secure public network.
To establish the secure, encrypted communication channel between the user and the information system over a public network, the user may employ a Type 1 device. Type 1 products are devices or systems that are certified by the National Security Agency for using cryptographically secure and classified U.S. government information. Generally, Type 1 designation may be reserved for products that have been analyzed and tested for cryptographic security, tamper resistance, mission security, and the like. The Type 1 device may be placed between the user's computer and the non-secure public network over which the user wishes to establish a secure communication channel. The Type 1 device may include the cryptographic algorithms required to establish a secure connection over the public network.
Often, the user may desire to connect to more than one secure network, and each network may have its own computer addressing scheme. If the user's computer is not configured consistent with a particular secure network's addressing scheme, the user may not be able to connect to the resources of that network. To be assured of connectivity, the user may have to manage a number of different configurations and manually configure the computer for each network. Furthermore, the user may have to know the addressing scheme before attempting a connection to the secure network. The requirement that users have a priori knowledge of the addressing scheme complicates network administration, topology and routing changes such as sub-netting, and the overall user experience. Thus, there is a need for a Type 1 encryption device that facilitates configuration of the user's computer.